11.3.1 Release Notes

When upgrading Verify Privilege Managerto a newer version, IBM Security recommends upgrading the Directory Services agent such that both are running on the same release version.

Enhancements

  • Workstation User accounts can now be created with a static password or a random password. Refer to User Management.
  • For improved usability, the Details and Password tabs have been combined on the User Management page.
  • Azure Active Directory domains now support the Azure Government Cloud instance with a new Government Instance setting.

Bug Fixes

  • A Policy Priority from the Application Policies page now enforces maximum values of 10,000.
  • From the Event Summary widget on the Dashboard,the numbers displayed for categories correctly reflect the amount of events on the Event Summary page.
  • Documentation has been updated to clarify the relationship of Product Licenses reports to the actual license values reflect on the Home screen.
  • Scheduled Job names have been restricted to prevent scheduling and display issues. Only the following special characters are permitted: ".", "-", "_". and "()".
  • If an agent requested a hash filter before collections were updated, the filter would not be properly applied to a policy. We now properly detect collection changes and rebuild these cached items.
  • User-defined endpoint groups that previously appeared under the root of a user-defined target now appear in Windows-specific and macOS-specific folders.
  • When saving managed User Group updates, a cached definition of the computer Group was saved, potentially reverting recent changes to the computer group. Now, the updated Computer Group is saved with the updates.
  • Resolved an issue with multiple policies not triggering in the correct order for the same event. Now, the higher priority policy will always trigger the event first.
  • Resolved an issue that caused an error when uploading an MSI file with a SHA256 signature.
  • Users can now select secure Computer Groups on the Policy Details page for Computer Groups targeted.
  • Previously, a valid signature had to be valid if any signature was present, regardless of the settings. Now, if the setting to require agent event signature is off, both missing an invalid signatures are ignored.

Agent Specific

Windows

  • HTML-based actions now pop up in the foreground. Additionally, icons for the user interface have been added to the task tray.
  • Elevation of programs located on remote network shares is now working properly across all known and commonly used server and share configurations.
  • The icons correctly display on the Verify Privilege Manager Remove Programs Utility.
  • The Agent Utility now reflects any policy updates that have occurred since the utility was started.
  • Resolved an issue with the update utility for Dell BIOS updates.

macOS

  • Fixed an issue where incorrect permissions prevented some administrators from editing the macOS Agent Configuration.

Known Issues

  • Computational errors will occur with running local processes that access any of the content on the drive letter made available via Google Drive for Desktop. For example, file inventory operations will fail to access Google Drive for Desktop.
  • Policies intended to elevate, require approval/justification, or block/deny access to the the entire Control Panel or to specific applets within it such as Set Time & Date and Time zone. Advanced System Settings may not work 100% of them the time due to how Microsoft has been evolving the implementation of the Control Panel and the System Settings tools.